Thursday, September 30, 2010

syslog.conf logging to a script

This website describes how to do it.


http://www.softpanorama.org/Logs/Syslog/pipes_in_syslog.shtml

Wednesday, September 29, 2010

Securing SSH on the internet - Changing listening port

By default sshd listens on port 22 and every hacker knows that ... so to make your server a little more obscure to hackers and their bots, simply change the port sshd uses like so ...

[red@localhost ~]$ cd /etc/ssh/
[red@localhost ssh]$ sudo cp sshd_config sshd_config.port22
[red@localhost ssh]$ sudo diff sshd_config sshd_config.port22
13c13
< Port 88
---
> #Port 22
[red@localhost ssh]$ sudo /etc/init.d/sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]
[red@localhost ssh]$
[red@localhost ssh]$

OOPS! I forgot to update my port forwarding on my router at home :-O

Disallowing root ssh access to your server (OpenSSH)

I want to be able to ssh into my server at home so I enabled port forwarding on my router.  And, of course, the very next day there is some a**hole's bot out there trying to brute force their way in as root ...
Sep 29 06:50:28 localhost sshd[14292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.151.36.14  user=root
Sep 29 06:50:30 localhost sshd[14292]: Failed password for root from 12.151.36.14 port 50017 ssh2
Sep 29 06:50:30 localhost sshd[14293]: Received disconnect from 12.151.36.14: 11: Bye Bye
Sep 29 06:50:30 localhost sshd[14295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.151.36.14  user=root
Sep 29 06:50:32 localhost sshd[14295]: Failed password for root from 12.151.36.14 port 51098 ssh2
Sep 29 06:50:32 localhost sshd[14296]: Received disconnect from 12.151.36.14: 11: Bye Bye
 
The best thing to do is disallow ssh access as root like so ...

[red@localhost ssh]$ cd
[red@localhost ~]$ cd /etc/ssh/
[red@localhost ssh]$ sudo cp sshd_config sshd_config.orig
[red@localhost ssh]$ sudo vim sshd_config
[red@localhost ssh]$ sudo diff sshd_config sshd_config.orig
39c39
< PermitRootLogin no
---
> #PermitRootLogin yes
[plankton@localhost ssh]$ sudo /etc/init.d/sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]
[red@localhost ssh]$
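The two posts above change sshd_config by hand and read the failures out of the log by eye. As an added example (mine, not the blog's), here is the same pair of checks in Python: count "Failed password" events per user and source host in sshd log lines of the format shown above, and read the effective Port / PermitRootLogin values out of an sshd_config body. The log lines and config fragments are constructed samples (documentation IP ranges, not the page's real source address).

```python
import re
from collections import Counter

# Constructed sample lines in the same format as the page's sshd log excerpt.
SAMPLE_LOG = """\
Sep 29 06:50:28 localhost sshd[14292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.0.2.10  user=root
Sep 29 06:50:30 localhost sshd[14292]: Failed password for root from 192.0.2.10 port 50017 ssh2
Sep 29 06:50:30 localhost sshd[14293]: Received disconnect from 192.0.2.10: 11: Bye Bye
Sep 29 06:50:32 localhost sshd[14295]: Failed password for root from 192.0.2.10 port 51098 ssh2
Sep 29 06:50:40 localhost sshd[14301]: Failed password for invalid user admin from 203.0.113.5 port 51200 ssh2
Sep 29 06:51:01 localhost sshd[14310]: Accepted publickey for red from 198.51.100.7 port 40022 ssh2
"""

FAILED_RE = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")

def failed_logins(log_text):
    """Count 'Failed password' events keyed by (user, source host)."""
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED_RE.search(line)
        if m:
            counts[(m.group(1), m.group(2))] += 1
    return counts

def root_bruteforce_sources(log_text, threshold=2):
    """Source hosts with at least `threshold` failed root logins, sorted."""
    return sorted(host for (user, host), n in failed_logins(log_text).items()
                  if user == "root" and n >= threshold)

def sshd_setting(config_text, key, default):
    """Effective value of `key` in an sshd_config body. sshd keeps the first
    uncommented occurrence; a commented '#Key value' line only documents the
    compiled-in default. Match blocks are not handled here."""
    for line in config_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0].lower() == key.lower():
            return parts[1].strip()
    return default

def audit_sshd_config(config_text):
    """Findings for the two settings the posts change. The defaults ('22',
    'yes') are the ones the page's commented-out lines show."""
    findings = []
    if sshd_setting(config_text, "PermitRootLogin", "yes").lower() == "yes":
        findings.append("PermitRootLogin yes: root is exposed to password guessing")
    if sshd_setting(config_text, "Port", "22") == "22":
        findings.append("Port 22: the default port every scanning bot tries first")
    return findings

# Constructed before/after fragments matching the diffs on the page.
CONFIG_BEFORE = "#Port 22\n#PermitRootLogin yes\n"
CONFIG_AFTER = "Port 88\nPermitRootLogin no\n"

if __name__ == "__main__":
    print("root brute-force sources:", root_bruteforce_sources(SAMPLE_LOG))
    print("before:", audit_sshd_config(CONFIG_BEFORE))
    print("after:", audit_sshd_config(CONFIG_AFTER))
```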


Tuesday, September 28, 2010

Found a useful Unix/Linux site.

http://www.unixtutorial.org/

I posted a question about the problems I am having mounting DVDs on my ubuntu server

don't use /etc/fstab to mount USB External MyBook HDs on ubuntu

I have had problems booting my system (HP Proliant ML110) running ubuntu 10.04.1 (64 bit). If for some reason one of the drives is not responsive the system would not boot.  So instead I mount my mybook hard drives with a script:

#!/bin/sh
# Mount each MyBook by filesystem UUID instead of listing it in /etc/fstab,
# so an unresponsive drive cannot stop the system from booting.

UUIDS="d4b57836-3897-4264-a5d3-ba0d8d21ce8c \
289af6ab-aea5-4b68-b4b1-28fd71e9ceee \
4d8df696-264f-413a-883c-92622d6d50aa \
aae0aa05-c167-4605-8ab9-6e52e4c992db \
c2ba49c4-627d-4074-9dcf-74216314f4a1 \
c6500c6e-b224-42a2-8ddc-2b8c10d8f4fa"

for uuid in $UUIDS
do
        # MOUNTED is a marker file kept on each drive, so it is only
        # visible under /media/$uuid once that drive is actually mounted
        if [ ! -e "/media/$uuid/MOUNTED" ]
        then
                sudo mount -t auto "/dev/disk/by-uuid/$uuid" "/media/$uuid"
                sleep 1
        else
                echo "$0 Good $uuid is mounted."
        fi
done

Changing the -guest password on E3000 linksys router

The configuration tool(s) for the E3000 linksys suck!  If you ever clicked on 'advanced routing' you will no longer be able to use the "cisco connect" software.  Instead you go to the router setup page on your local network at 192.168.1.1 (or whatever you set), where much of the functionality is missing ... like setting the password for the guest connection.

Here's the linksys help page for how to do this:  Title: Finding out Wireless Network Name and Password in Cisco Connect

But when I run "Cisco Connect" I do not see what they show in the article.  I see this:






If you click on the "Open advanced setting" link your browser will open and you land on a setup web page being served out of the E3000 router.  But in that web page THERE IS NO WAY TO SEE OR CHANGE THE PASSWORD OF THE GUEST CONNECTION !!!

Oh you know what else sucks ... at the bottom of the "article" at linksys there is a feedback form ... you know was this article helpful [] yes [] no [] somewhat ... I select NO and the window closed on me :/

Well I have spent an hour dicking around with the linksys/cisco on-line support ... I guess the only thing anyone can do is to set the router back to factory defaults and reinstall the CRAPPY "Cisco Connect" software.

rpm vs apt-*

Someone needs to come up with a cheat-sheet of rpm and apt-* equivalent commands.

Wednesday, September 22, 2010

VPN Server for home network?

I might want to be able to VPN into my home network to help with the home business while I am away.

https://help.ubuntu.com/community/VPNServer/

also look here : http://openvpn.net/

What the heck is /dev/shm ?

It is tmpfs (what's tmpfs?).

From: http://lxr.linux.no/#linux+v2.6.35.5/Documentation/filesystems/tmpfs.txt#L57

tmpfs has three mount options for sizing:

size:      The limit of allocated bytes for this tmpfs instance. The
           default is half of your physical RAM without swap. If you
           oversize your tmpfs instances the machine will deadlock
           since the OOM handler will not be able to free that memory.
nr_blocks: The same as size, but in blocks of PAGE_CACHE_SIZE.
nr_inodes: The maximum number of inodes for this instance. The default
           is half of the number of your physical RAM pages, or (on a
           machine with highmem) the number of lowmem RAM pages,
           whichever is the lower.

These parameters accept a suffix k, m or g for kilo, mega and giga and
can be changed on remount.  The size parameter also accepts a suffix %
to limit this tmpfs instance to that percentage of your physical RAM:
the default, when neither size nor nr_blocks is specified, is size=50%

If nr_blocks=0 (or size=0), blocks will not be limited in that instance;
if nr_inodes=0, inodes will not be limited.  It is generally unwise to
mount with such options, since it allows any user with write access to
use up all the memory on the machine; but enhances the scalability of
that instance in a system with many cpus making intensive use of it.


tmpfs has a mount option to set the NUMA memory allocation policy for
all files in that instance (if CONFIG_NUMA is enabled) - which can be
adjusted on the fly via 'mount -o remount ...'

mpol=default             use the process allocation policy
                         (see set_mempolicy(2))
mpol=prefer:Node         prefers to allocate memory from the given Node
mpol=bind:NodeList       allocates memory only from nodes in NodeList
mpol=interleave          prefers to allocate from each node in turn
mpol=interleave:NodeList allocates from each node of NodeList in turn
mpol=local               prefers to allocate memory from the local node

NodeList format is a comma-separated list of decimal numbers and ranges,
a range being two hyphen-separated decimal numbers, the smallest and
largest node numbers in the range.  For example, mpol=bind:0-3,5,7,9-15

A memory policy with a valid NodeList will be saved, as specified, for
use at file creation time.  When a task allocates a file in the file
system, the mount option memory policy will be applied with a NodeList,
if any, modified by the calling task's cpuset constraints
[See Documentation/cgroups/cpusets.txt] and any optional flags, listed
below.  If the resulting NodeLists is the empty set, the effective memory
policy for the file will revert to "default" policy.

NUMA memory allocation policies have optional flags that can be used in
conjunction with their modes.  These optional flags can be specified
when tmpfs is mounted by appending them to the mode before the NodeList.
See Documentation/vm/numa_memory_policy.txt for a list of all available
memory allocation policy mode flags and their effect on memory policy.

        =static         is equivalent to        MPOL_F_STATIC_NODES
        =relative       is equivalent to        MPOL_F_RELATIVE_NODES

For example, mpol=bind=static:NodeList, is the equivalent of an
allocation policy of MPOL_BIND | MPOL_F_STATIC_NODES.

Note that trying to mount a tmpfs with an mpol option will fail if the
running kernel does not support NUMA; and will fail if its nodelist
specifies a node which is not online.  If your system relies on that
tmpfs being mounted, but from time to time runs a kernel built without
NUMA capability (perhaps a safe recovery kernel), or with fewer nodes
online, then it is advisable to omit the mpol option from automatic
mount options.  It can be added later, when the tmpfs is already mounted
on MountPoint, by 'mount -o remount,mpol=Policy:NodeList MountPoint'.


To specify the initial root directory you can use the following mount
options:

mode:   The permissions as an octal number
uid:    The user id
gid:    The group id

These options do not have any effect on remount. You can change these
parameters with chmod(1), chown(1) and chgrp(1) on a mounted filesystem.


So 'mount -t tmpfs -o size=10G,nr_inodes=10k,mode=700 tmpfs /mytmpfs'
will give you tmpfs instance on /mytmpfs which can allocate 10GB
RAM/SWAP in 10240 inodes and it is only accessible by root.


Author:
   Christoph Rohland <cr@sap.com>, 1.12.01
Updated:
   Hugh Dickins, 4 June 2007
Updated:
   KOSAKI Motohiro, 16 Mar 2010

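The kernel text above describes the sizing options in words; as an added example (my code, not part of the kernel documentation or the blog) here is a small parser that turns a tmpfs mount option string into effective limits the way the document specifies them (k/m/g suffixes, % for size, nr_blocks in page units, 0 meaning unlimited, size=50% default) and flags the two risks the document calls out: unlimited instances that let any writer exhaust RAM, and oversized instances that can deadlock the OOM handler. The 4096-byte page size and the 01777 default mode are assumptions (the document does not state them); mpol options are not parsed.

```python
SUFFIX = {"k": 1 << 10, "m": 1 << 20, "g": 1 << 30}
PAGE_SIZE = 4096          # assumed PAGE_CACHE_SIZE for nr_blocks
DEFAULT_MODE = 0o1777     # assumed root mode when mode= is absent

def parse_number(value, ram_bytes=None):
    """A tmpfs option value: plain number, k/m/g suffix, or (size only) N%."""
    v = value.strip().lower()
    if v.endswith("%"):
        if ram_bytes is None:
            raise ValueError("percent suffix is only valid for size=")
        return ram_bytes * int(v[:-1]) // 100
    if v and v[-1] in SUFFIX:
        return int(v[:-1]) * SUFFIX[v[-1]]
    return int(v)

def tmpfs_limits(options, ram_bytes):
    """Effective limits for an option string such as
    'size=10G,nr_inodes=10k,mode=700'. None means unlimited
    (size=0 / nr_blocks=0 / nr_inodes=0). Later options override earlier."""
    size = ram_bytes // 2                    # doc: default is size=50%
    inodes = ram_bytes // PAGE_SIZE // 2     # doc: half the RAM pages (no highmem)
    mode, uid, gid = DEFAULT_MODE, 0, 0
    for item in options.split(","):
        key, _, val = item.strip().partition("=")
        if key == "size":
            size = parse_number(val, ram_bytes)
        elif key == "nr_blocks":
            size = parse_number(val) * PAGE_SIZE
        elif key == "nr_inodes":
            inodes = parse_number(val)
        elif key == "mode":
            mode = int(val, 8)
        elif key == "uid":
            uid = int(val)
        elif key == "gid":
            gid = int(val)
    return {"size_bytes": size or None, "nr_inodes": inodes or None,
            "mode": mode, "uid": uid, "gid": gid}

def tmpfs_warnings(options, ram_bytes):
    """The risks the kernel document calls out, as audit findings."""
    lim = tmpfs_limits(options, ram_bytes)
    warn = []
    if lim["size_bytes"] is None:
        warn.append("size=0: any user with write access can use up all memory")
    elif lim["size_bytes"] > ram_bytes:
        warn.append("size larger than physical RAM: an oversized tmpfs can deadlock the OOM handler")
    if lim["nr_inodes"] is None:
        warn.append("nr_inodes=0: inode count is unlimited")
    return warn

if __name__ == "__main__":
    ram = 16 << 30   # constructed: a 16 GiB machine
    print(tmpfs_limits("size=10G,nr_inodes=10k,mode=700", ram))
    print(tmpfs_warnings("size=0,nr_inodes=0", ram))
```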
Saturday, September 18, 2010

Using 2TB Mybook with ubuntu and ML110 Proliant

I am hooking my 2TB Mybook to my ML110 running ubuntu server 10.04.1.
I read in the /etc/fstab that I would do this ...

wee@ubuntu:~$ sudo blkid -o full -s UUID
/dev/sda1: UUID="82d18b5c-0049-4ff6-9ab7-6a87cd5906db"
/dev/sda2: UUID="d97daca7-8046-49d7-93bd-24a6ee6ad33d"
/dev/sda3: UUID="bf565e06-0ddd-44b5-b58f-bc9771c55b21"
/dev/sda5: UUID="685a4f87-57c2-4aca-8bf4-54f112e19cbd"
/dev/sda6: UUID="21fa44e0-651c-4e22-8e88-240c2546e39b"
/dev/sda7: UUID="d7121d7e-0969-4b30-86e4-987d530702d9"
/dev/sda8: UUID="9c0f5186-c475-4d5f-a1ef-5a46fe5ddb9e"
/dev/sdb1: UUID="68066cd7-6446-42b7-9386-892a2d540691"

So this is my /etc/fstab ...

wee@ubuntu:~$ cat /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid -o value -s UUID' to print the universally unique identifier
# for a device; this may be used with UUID= as a more robust way to name
# devices that works even if disks are added and removed. See fstab(5).
#
#
proc /proc proc nodev,noexec,nosuid 0 0
# / was on /dev/sda1 during installation
UUID=82d18b5c-0049-4ff6-9ab7-6a87cd5906db / ext4 errors=remount-ro 0 1
# /coop was on /dev/sda8 during installation
UUID=9c0f5186-c475-4d5f-a1ef-5a46fe5ddb9e /coop ext4 defaults 0 2
# /home was on /dev/sda5 during installation
UUID=685a4f87-57c2-4aca-8bf4-54f112e19cbd /home ext4 defaults 0 2
# /tmp was on /dev/sda6 during installation
UUID=21fa44e0-651c-4e22-8e88-240c2546e39b /tmp ext4 defaults 0 2
# /usr was on /dev/sda3 during installation
UUID=bf565e06-0ddd-44b5-b58f-bc9771c55b21 /usr ext4 defaults 0 2
# /var was on /dev/sda2 during installation
UUID=d97daca7-8046-49d7-93bd-24a6ee6ad33d /var ext4 defaults 0 2
# swap was on /dev/sda7 during installation
UUID=d7121d7e-0969-4b30-86e4-987d530702d9 none swap sw 0 0
#
# Mybooks
# got UUID from executing sudo blkid -o full -s UUID
UUID=68066cd7-6446-42b7-9386-892a2d540691 /media/coop-disk-01 ext3 defaults 0 0


I did have to also do fdisk & mkfs ... no surprise there.

But no joy ...


wee@ubuntu:~$ sudo mount /media/coop-disk-01
[sudo] password for wee:
mount: special device UUID=68066cd7-6446-42b7-9386-892a2d540691 does not exist
wee@ubuntu:~$ df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda1 7690408 345136 6954616 5% /
none 502920 228 502692 1% /dev
none 507352 32 507320 1% /dev/shm
none 507352 96 507256 1% /var/run
none 507352 0 507352 0% /var/lock
none 507352 0 507352 0% /lib/init/rw
/dev/sda5 24382868 247916 22896376 2% /home
/dev/sda8 93687744 188104 88740500 1% /coop
/dev/sda6 1921036 36344 1787108 2% /tmp
/dev/sda2 14614904 978032 12894472 8% /var
/dev/sda3 9612516 3050876 6073348 34% /usr


Looks like that UUID number that is not supposed to change changed ???

So change line in fstab to ...


#
# Mybooks
# got UUID from executing sudo blkid -o full -s UUID
#UUID=68066cd7-6446-42b7-9386-892a2d540691 /media/coop-disk-01 ext3 defaults 0 0
UUID=d4b57836-3897-4264-a5d3-ba0d8d21ce8c /media/coop-disk-01 auto defaults 0 0


Now mount works ...


wee@ubuntu:~$ sudo mount /media/coop-disk-01
wee@ubuntu:~$ df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda1 7690408 345136 6954616 5% /
none 502920 228 502692 1% /dev
none 507352 28 507324 1% /dev/shm
none 507352 96 507256 1% /var/run
none 507352 0 507352 0% /var/lock
none 507352 0 507352 0% /lib/init/rw
/dev/sda5 24382868 248028 22896264 2% /home
/dev/sda8 93687744 188104 88740500 1% /coop
/dev/sda6 1921036 36352 1787100 2% /tmp
/dev/sda2 14614904 978032 12894472 8% /var
/dev/sda3 9612516 3050876 6073348 34% /usr
/dev/sdb1 1922858352 68956 1825113796 1% /media/coop-disk-01
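The failure above (an fstab line whose UUID no longer matches any device) is easy to catch before a reboot. As an added example (my code, not from the blog), this compares the UUID= entries in an fstab body against the UUIDs in `blkid -o full -s UUID` output, both in the formats shown on this page, and reports the entries that mount -a would still try at boot. The sample inputs are constructed from the page's own listings; the exemption for entries carrying `noauto` or `nofail` follows fstab(5)/mount(8), not the page.

```python
import re

# Constructed sample in the format of `sudo blkid -o full -s UUID` above;
# only the root disk and the MyBook's current UUID are included.
BLKID_OUT = """\
/dev/sda1: UUID="82d18b5c-0049-4ff6-9ab7-6a87cd5906db"
/dev/sdb1: UUID="d4b57836-3897-4264-a5d3-ba0d8d21ce8c"
"""

# Constructed fstab fragment: the root entry plus the MyBook line whose
# UUID no longer matches anything blkid reports.
FSTAB_STALE = """\
# / was on /dev/sda1 during installation
UUID=82d18b5c-0049-4ff6-9ab7-6a87cd5906db / ext4 errors=remount-ro 0 1
# Mybooks
UUID=68066cd7-6446-42b7-9386-892a2d540691 /media/coop-disk-01 ext3 defaults 0 0
"""

# The corrected line from the page.
FSTAB_FIXED = FSTAB_STALE.replace(
    "UUID=68066cd7-6446-42b7-9386-892a2d540691 /media/coop-disk-01 ext3",
    "UUID=d4b57836-3897-4264-a5d3-ba0d8d21ce8c /media/coop-disk-01 auto")

def present_uuids(blkid_text):
    """Set of filesystem UUIDs blkid currently sees (lower-cased)."""
    return {m.group(1).lower() for m in re.finditer(r'UUID="([^"]+)"', blkid_text)}

def fstab_entries(fstab_text):
    """Parse fstab lines into dicts; comments and blank lines are skipped."""
    entries = []
    for raw in fstab_text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 4:
            continue
        entries.append({"spec": fields[0], "mountpoint": fields[1],
                        "fstype": fields[2], "options": fields[3].split(",")})
    return entries

def stale_uuid_mounts(fstab_text, blkid_text):
    """(mountpoint, uuid) for UUID= entries whose device blkid cannot find
    and which boot-time mounting would still attempt, i.e. options carry
    neither 'noauto' nor 'nofail'."""
    seen = present_uuids(blkid_text)
    stale = []
    for e in fstab_entries(fstab_text):
        if not e["spec"].upper().startswith("UUID="):
            continue
        uuid = e["spec"][5:].lower()
        if uuid in seen:
            continue
        if "noauto" in e["options"] or "nofail" in e["options"]:
            continue
        stale.append((e["mountpoint"], uuid))
    return stale

if __name__ == "__main__":
    print("stale:", stale_uuid_mounts(FSTAB_STALE, BLKID_OUT))
    print("fixed:", stale_uuid_mounts(FSTAB_FIXED, BLKID_OUT))
```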


I rebooted the system just for fun. The system didn't come back up! I had to connect a monitor and saw the system was trying to PXE boot!!! Oh crap !!! What did I do? Did I just format my boot disk? Well turns out that the Phoenix Setup software on the HP ML110 defaults to using the USB device as the boot disk. I had to hit F10 and get into the setup and monkey with the boot order and everything was fine. Kinda scary !!!

Thursday, September 16, 2010

How to create zombie process

I know that zombie processes do not take up any system resources except maybe in extreme cases where your system would max out the number of processes in the process table. And people usually ask "why am I seeing zombie [or <defunct>] processes" and "how do I get rid of them". I am asking just that question but I need to understand at the code level how this happens.


#!/usr/bin/perl -w
use strict;
use warnings;

use Sys::Syslog qw(:DEFAULT setlogsock);

my $keep_going = 1;

#
# startDaemon: fork; the parent sleeps without ever calling wait(),
# so when the child exits early it stays a zombie until the parent exits.
#
my $child_pid = fork;
defined $child_pid or die "fork failed: $!\n";
if ($child_pid) {
    print "This is parent process and child ID is $child_pid .\n";
    print "Parent process is sleeping for 60 seconds ... \n";
    sleep 60;
    print "Parent process is exiting 0.\n";
    exit 0;
}

# give the child something to do like writing to /var/log/messages
setlogsock('unix');
openlog( 'Two', 'pid,nowait', 'local1' );

my $count = 0;
while ( $keep_going == 1 ) {
    my $date = `date`;
    chomp($date);
    syslog( "crit", "The date is [$date]" );
    my $out = `date >> /tmp/Two.pl.log`;
    sleep 5;
    # die on the third pass (count 0, 1, 2): the child exits after ~15 s,
    # long before the parent's 60 s sleep ends
    if ( $count == 2 ) { die "count is $count ... arrgg!\n"; }
    $count++;
}
closelog();
exit(0);    # child exits here


... now run it and then in another terminal execute ...


$ ps -ef | grep logg
rala 698 31230 0 15:21 pts/0 00:00:00 /usr/bin/perl -w ./logging_deamon_example3_make_zombies.pl
rala 699 698 0 15:21 pts/0 00:00:00 /usr/bin/perl -w ./logging_deamon_example3_make_zombies.pl
rala 704 32676 0 15:21 pts/1 00:00:00 grep logg
$ ps -ef | grep logg
rala 698 31230 0 15:21 pts/0 00:00:00 /usr/bin/perl -w ./logging_deamon_example3_make_zombies.pl
rala 699 698 0 15:21 pts/0 00:00:00 /usr/bin/perl -w ./logging_deamon_example3_make_zombies.pl
rala 725 32676 0 15:21 pts/1 00:00:00 grep logg
$ ps -ef | grep logg
rala 698 31230 0 15:21 pts/0 00:00:00 /usr/bin/perl -w ./logging_deamon_example3_make_zombies.pl
rala 699 698 0 15:21 pts/0 00:00:00 [logging_deamon_]
rala 727 32676 0 15:21 pts/1 00:00:00 grep logg
$ ps -ef | grep logg
rala 698 31230 0 15:21 pts/0 00:00:00 /usr/bin/perl -w ./logging_deamon_example3_make_zombies.pl
rala 699 698 0 15:21 pts/0 00:00:00 [logging_deamon_]
rala 729 32676 0 15:21 pts/1 00:00:00 grep logg


Whoo! Hoo! There's a zombie!

You can keep the zombies from happening by adding ...

$SIG{'CHLD'} = 'IGNORE';

... before doing the fork.
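The same experiment, as an added example in Python (my code, not the page's Perl script): fork a child that exits at once while the parent does not wait, read the state letter from /proc/<pid>/stat to see the 'Z' that ps shows as <defunct>, reap it with waitpid, and then repeat with SIGCHLD set to SIG_IGN (the Python equivalent of $SIG{'CHLD'} = 'IGNORE') to show that the kernel reaps the child itself. Linux only, since it reads /proc.

```python
import os
import signal
import time

def proc_state(pid):
    """One-letter state from /proc/<pid>/stat ('Z' = zombie), None if gone."""
    try:
        with open(f"/proc/{pid}/stat") as f:
            data = f.read()
    except OSError:
        return None
    # The comm field sits in parentheses and may contain spaces, so the
    # state letter is the character two past the last ')'.
    return data[data.rindex(")") + 2]

def wait_for_state(pid, wanted, timeout=5.0):
    """Poll until /proc reports `wanted` for pid (or give up after timeout)."""
    deadline = time.monotonic() + timeout
    while time.monotonic() < deadline:
        state = proc_state(pid)
        if state == wanted:
            return state
        time.sleep(0.01)
    return proc_state(pid)

def fork_child_that_exits():
    """Like the Perl script's child, except it exits immediately."""
    pid = os.fork()
    if pid == 0:
        os._exit(0)     # child: leave without returning into the caller
    return pid

def zombie_then_reap():
    """Parent never waits, so the exited child is a zombie until waitpid.
    Returns (state while unreaped, waitpid returned our pid, state after)."""
    signal.signal(signal.SIGCHLD, signal.SIG_DFL)
    pid = fork_child_that_exits()
    state_unreaped = wait_for_state(pid, "Z")
    reaped_pid, _status = os.waitpid(pid, 0)
    return state_unreaped, reaped_pid == pid, proc_state(pid)

def ignore_sigchld_no_zombie():
    """The page's fix: ignore SIGCHLD before forking. The kernel then reaps
    the child itself, so no zombie appears and waitpid has nothing to find."""
    signal.signal(signal.SIGCHLD, signal.SIG_IGN)
    try:
        pid = fork_child_that_exits()
        state_after_exit = wait_for_state(pid, None)
        try:
            os.waitpid(pid, 0)
            waitpid_found_child = True
        except ChildProcessError:   # ECHILD: already auto-reaped
            waitpid_found_child = False
        return state_after_exit, waitpid_found_child
    finally:
        signal.signal(signal.SIGCHLD, signal.SIG_DFL)

if __name__ == "__main__":
    print("parent never waits:", zombie_then_reap())
    print("SIGCHLD ignored:", ignore_sigchld_no_zombie())
```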

Wednesday, September 15, 2010

nomachine installed no problem!

Wow! Something easy and useful! Went to http://www.nomachine.com/download-package.php,
downloaded the three deb packages and installed them as per the instructions.

quick notes on ubuntu server and gnome desktop

finally got it working. Not exactly sure how ...

did stuff like

# apt-get install gnome-desktop-environment
...
then later on 
# apt-get install xserver-xorg 

figured that out because ...
startx

would fail with /usr/bin/X not found.
So i got ubuntu to tell what to install by executing

# /usr/bin/X

and the error message said to install xserver-xorg ... kinda nice


then reboot ... looks awesome

Gnome Desktop Software and Ubuntu Server 10.04.1

Since ubuntu server is a "server" there is no desktop software installed by default (I guess). So I am learning to use "aptitude" to install things.

Tuesday, September 14, 2010

Got a HP Proliant ML110 G6 / Installing ubuntu server 10.04.1 64bit

I will install ubuntu 10.04.1 64bit on it ... or I'll try to :)

The partitioning on the ubuntu install is a bit confusing.
The default is all available disk space as LVM root, with just root and swap.
Somehow I wound up with /usr, /var, tmp and a huge /home partition.
Guess I got some learning to do.

Sunday, September 12, 2010

I Guess I Should Read the Dojo Basics

So I am looking at :

http://dojotoolkit.org/reference-guide/quickstart/dojo-basics.html#quickstart-dojo-basics.

It talks about dojo.require. Let's try it out ...

I got something ...

Error: uncaught exception: Could not load cross-domain resources: something

Attempt to Quick Start with DoJo

I heard about Dojo last week.  Figured I'd play around with it.  I thought I would try and write a simple javascript-based Web UI to a chess board.  I had done this a while back in the '90s with just straight javascript.  It was pretty straightforward and I was able to hook it up to a "crafty" chess engine on the backend.

So I went to :

http://dojotoolkit.org/reference-guide/quickstart/gettingstarted.html#quickstart-gettingstarted

So on my web server I created ...

plankton@ubuntu:/var/www/EC$ cat mytry1.html
<html>
<head>
        <!-- see http://www.dojotoolkit.org/download/ -->
        <script src="http://ajax.googleapis.com/ajax/libs/dojo/1.5/dojo/dojo.xd.js"></script>
    <title>My Dojo Try 1</title>
</head>

<body>
<p>
&copy; Me MMX
</p>
</body>
</html>

... and loaded it in my browser and no surprise all that got outputted was the copyright thingy.

Next I took a look at an example and cut-n-pasted (like it said to do) this ...

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html dir="ltr">
   
    <head>
        <link rel="stylesheet" type="text/css" href="../_static/js/dijit/themes/claro/claro.css"
        />
        <style type="text/css">
            body, html { font-family:helvetica,arial,sans-serif; font-size:90%; }
        </style>
    </head>
   
    <body class=" claro ">
        <div id="showMe" style="padding: 10px;">
            click here to see how it works
        </div>
    </body>
    <script type="text/javascript" src="../_static/js/dojo/dojo.js" djConfig="parseOnLoad: true">
    </script>
    <script>
        dojo.addOnLoad(function() {
            dojo.query("#showMe").onclick(function(e) {
                var node = e.target;

                var a = dojo.anim(node, {
                    backgroundColor: "#363636",
                    color: "#f7f7f7"
                },
                1000);

                dojo.connect(a, "onEnd", function() {
                    dojo.anim(node, {
                        color: "#363636"
                    },
                    null, null, function() {
                        node.innerHTML = "wow, that was easy!";
                        dojo.anim(node, {
                            color: "white"
                        });
                    });
                });
            });
        });
    </script>
    <!-- NOTE: the following script tag is not intended for usage in real
    world!! it is part of the CodeGlass and you should just remove it when
    you use the code -->
    <script type="text/javascript">
        dojo.addOnLoad(function() {
            if (document.pub) {
                document.pub();
            }
        });
    </script>

</html>

... into a file mytry2.html ... and what do you think happened when I loaded that with my browser???? OH! the suspense! Well the string ...

click here to see how it works

... got outputted and what do you think happens when you click on the string ????

Are you sitting down?

Well nothing happened. Lame :( What am I doing wrong?